Posts tagged safer surfing
Hey, check out this cool new movie … oh, that’s no movie its an Advertisement for an ESET Smart Security 5, which includes ESET Nod32 Antivirus.
Contrary to what many people think, McAfee and Norton do not provide the best antivirus (AV) protection for your computer.
Also, if you don’t have the bucks for an Antivirus and you are looking for a temporary alternative (because you DO want to have paid AV, right?) look into Microsoft Security Essentials.
OTHER AV VIDEOS
Compare the competition (ok, this really isn’t the way to compare, right? still its good for a laugh):
Got better YouTube links for Norton or McAfee?
Originally posted from one of my other blogs, George’s Wonder Blog on August, 5, 2008 – and little has really changed in that Facebook is not for the faint of heart. You need to be careful.
MySpace, Facebook, and Twitter attacked by social engineering – fake flash downloads
I’ve recently read about ‘Web worm’ attacks aimed at Facebook and MySpace; and just today I read about social engineering attacks (ploys, tricks) against Twitter. ZDNet’s Ryan Naraine posted Adobe: Beware of fake Flash downloads just today, and Adobe’s David Lenoe posted Verifying Installers on Adobe’s Product Security Incident Response Team blog yesterday. Here’s the skinny from Adobe’s blog, color & formatting added by myself for emphasis:
As part of National Cyber Security Awareness Month (see Gmail’s post for a link) Gmail is reminding people to use passwords wisely and has some great tips.
I am somewhat of a security freak (as those who know me will attest to) and I heartily recommend reading Google’s post. Here are some bad password practices Gmail’s Michael Santerre, Consumer Operations Associate points out that his original post lists solutions to:
- Re-using passwords is a bad practice (using the same password for more than one website)
- Using dictionary words, common passwords, and letters in sequence on the keyboard (like “pass”, “password”, “logmein”, “start”, and “zxcvb”)
- Using passwords based on personal data (like spouse’s name or birthdate)
- Storing your password in an unsecure place (like a sticky note on your monitor)
- Poor Password Recovery (hard passwords may be forgotten/lost, how will you find them if this happens?)
Spammers are nothing if not smart copycats. Why write your own copy (text message) and come up with your own ideas for formatting emails when you can take ideas directly from valid emails? That exactly what I see happening more and more lately. Take this email for example:
This message contains images. If you don’t see images, click here to view
In case of no image, press here
Subscribe | Unsubscribe | Change of Address
This message was sent from Naedaee to firstname.lastname@example.org.
You have been sent The Uzqvaq because you have opted in to receive it.
Note: It may take our system up to two business days to process your unsubscribe request and during that time you may receive one or two more newsletters. Thank you for reading.
If you get an email like this and your spam filter doesn’t catch it (Gmail has GREAT spam filters! Plus you can use Gmail on your T-Mobile G1) you might need to look at it carefully. In this case I noticed the email was from me (odd, eh? mailing myself a newsletter!) Then I hovered over the links in the email and saw the website addresses ended with .cn (China). Red flags went up and I wouldn’ve sent that sucker to spam folder, except it was already there. Look at your emails before hitting that “If you don’t see images, click here to view” link and you might save yourself a lot of trouble. Normally I will freely visit .com, .net, .org, .us, .com.uk, and some others that I recognize. Whenever I see a weird one I’ll google it. For example if the domains were something orother.az I google .az domains and see what comes up. In this case its Azerbaijan which I still lump together with Russia, so any unexcepted email from there I’d mark as spam.
MORE, PLUS A LITTLE RANTING AND CONSPIRACY THEORIES
Now, I certainly did not opt in to receive any free newsletters from a Chinese website. No wonder I read about stuff like the recent mysterious virus that struck the FBI & U.S. Marshals Service and now NASA is pretty much constantly getting hacked! Emails like the one above are sent out and employees, regular Joes and Janes in our governments work force are freaking out and clicking the unsubscribe or feedback links to get themselves removed from the list or complain about being on the list they certainly did not subscribe to. But instead there is a chance that the web page they are taken to (which they probably do not even realize is a Chinese website) has a virus embedded into it or other goodies to identify or attempt to infect the computer of the person clicking the link. I can imagine the programming on a page like this:
Is the visitor from the US or a US-loving country?
- If the American or American-loving visitor is NOT at a secure location China would like to hack, try to damage the visitor’s computer.
- If the American or American-loving visitor IS at a secure location China would like to hack, then try to load software onto that computer.
- If the visitor is not from a US-loving country then display a harmless webpage.
Now I realize I am generalizing big time, because not all Chinese websites are bad. But certainly those that send spam are bad to some extent. Plus after reading those two articles above I can’t resist a little conspiracy theory. NASA is getting hacked on a regular basis and the FBI and US Marshals Service have been infected to some extent by a virus.
Free, Screensavers, 2009 Saturn, Lyrics
Can you just look at keywords and see which ones are safe? Aren’t they all safe? No. And you can’t just look at a search term to decide if its safe any more than you can look at a book’s cover to see if the book will be any good – a little reading is on order. A ZDNet article two days ago about dangerous keywords reminded me about a painful lesson.
Unfortunately all search terms are not created equal… and Cybercriminals know it. The bad guys (scammers, hackers and the like) use SEO (coding your website so search engines rank it well) and SEM (paying to have search engines list your site). Unfortunately not only the good guys use SEO & SEM to get people to their websites, but so do the bad guys. Several of years back I was googling for a new screensaver or wallpaper or something and I ended up on one of those websites that tricked me into downloading a virus or malware or something that was not good – its been a while and my virus scanner was up-to-date and I got lucky and cleaned my machine of the downloaded infection.
Although McAfee touts McAfee SiteAdvisor as a way to minimize your risk (there are free and paid versions) education can go a long way. Nothing will ever make you 100% safe on the Internet, but these tips should help a lot
- keep your computer updated
- read Mafee’s “The Web’s Most Dangerous Search Terms” (PDF format)
- know how to close your browser when popups try to take control
- educate yourself about online scams and malware